35 matches found
WordPress stopbadbots plugin SQL injection vulnerability
WordPress is the WordPress Foundation's blogging platform, developed in the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress stopbadbots plugin version 6.930 before the S...
WordPress plugin stopbadbots SQL injection vulnerability
WordPress is the WordPress Foundation's blogging platform, developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an open source application plugin for WordPress. A security vulnerability exists in the WordPress plugin...
WordPress StopBadBots plugin <= 7.02 - WordPress Options Update vulnerability
WordPress Options Update vulnerability discovered in WordPress StopBadBots plugin versions <= 7.02. Solution: Update the WordPress StopBadBots plugin to the latest available version (at least 7.03)...
WordPress StopBadBots plugin SQL injection vulnerability
WordPress is the WordPress Foundation's blogging platform, developed in the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. StopBadBots Plugin is a WordPress open source application plugin. WordPress StopBadBots Plugin in versions prior to...
CVE-2021-24863
The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots WordPress plugin before 6.67 does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection...
CVE-2021-24863
CVE-2021-24863 affects the WordPress plugin StopBadBots (StopBadBots WordPress plugin) prior to version 6.67. The vulnerability is a SQL injection caused by failure to sanitize and escape the User Agent before using it in a SQL statement to save it. Impact is unauthenticated access leading to dat...
WordPress and WordPress plugin SQL injection vulnerability
WordPress is the WordPress Foundation's blogging platform, developed in the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. StopBadBots Plugin is a WordPress open source application plugin. WordPress StopBadBots Plugin in versions prior to...
StopBadBots < 6.67 - Unauthenticated SQL Injection
The plugin does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection. PoC: GET / HTTP/1.1 User-Agent: Zongbot' where id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'-- - Accept:...
StopBadBots < 6.67 - Unauthenticated SQL Injection
The plugin does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection. GET / HTTP/1.1 User-Agent: Zongbot' where id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'-- - Accept:...
WordPress StopBadBots plugin <= 6.66 - Unauthenticated SQL Injection (SQLi) vulnerability
Unauthenticated SQL Injection (SQLi) vulnerability discovered by JrXnm in WordPress StopBadBots plugin versions <= 6.66. Solution: Update the WordPress StopBadBots plugin to the latest available version (at least 6.67)...
CVE-2021-24727
The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...
CVE-2021-24727
The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...
SQL injection
The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...
CVE-2021-24727
CVE-2021-24727 concerns the StopBadBots WordPress plugin prior to 6.60. The vulnerability arises from not validating/escaping the order and orderby GET parameter on certain admin dashboard pages, enabling authenticated SQL injections. Impact is authenticated SQLi with partial confidentiality/inte...
WordPress StopBadBots plugin <= 6.59 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection (SQLi) vulnerability discovered by Martin Vierula (Trustwave) in WordPress StopBadBots plugin versions <= 6.59. Solution: Update the WordPress StopBadBots plugin to the latest available version (at least 6.60)...